I missed the subtlety, others will misunderstand too unless its made
clear in the specification.
Singing a document, or part of a document means different things to
different people, from I've seen it, to I believe this to be true, to I legally
commit myself to this transaction.
I propose that a set of standard vocabulary be suggested, to be included
as an attribute to the digital signature.
The default being (jn the absence of any other assertion):
The keyholder has 'touched' or 'received' the signed data.
Then in ascending order of commitment:
The keyholder has read the signed data.
The keyholder has read and agrees with the signed data.
The keyholder believes the signed data to be correct.
The keyholder believes the signed data to be correct and to be legally bound by it.
The first three should cover creating audit trails of who has received/seen a document.
The forth expresses what I wish to say in signing metadata describing documents.
The fifth I hope to come close to what the e-commerce people need to assert in thier
documents.
What do people think?
Martin
Martin Lee
AND Data Ltd.
Oxford
UK